Deep dive into OAuth User-Managed Access (UMA) for CTOs. Learn how UMA 2.0 improves CIAM, delegated authorization, and enterprise SSO security.

A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, ...

The threat landscape continues to evolve, and cybersecurity professionals must keep pace with threat actors’ changing tactics and objectives. A recent supply attack that reportedly affected hundreds ...

GitHub has revealed that dozens of organizations were compromised by a data thief that used stolen OAuth tokens to access their private repositories. The developer platform’s security team opened an ...

PayPal fixed an issue that could have allowed an attacker to hijack OAuth tokens associated with any PayPal OAuth application. PayPal fixed an issue that could have allowed an attacker to hijack OAuth ...

Attackers leveraged stolen secrets to hijack integrations and access customer data, highlighting the need for enterprises to audit connected apps and enforce token hygiene. Salesforce has disclosed ...

One of the tasks I dread is configuring a web server to send email correctly via Gmail. The simplest way of sending emails is SMTP, and there are a number of scripts out there that provide a simple ...

CoPhish uses Copilot Studio agents to phish OAuth tokens via fake login flows Attackers exploit Microsoft domains to appear legitimate and access sensitive user data Mitigations include restricting ...

Salesforce is looking into unusual OAuth activity associated with Gainsight integrations after observing behavior that might have revealed customer data. Initial indications suggest a deliberate ...